Research And Application Of Searchable Encryption Technology

Symmetric Searchable Encryption(SSE)is deemed to tackle the privacy issue as well as the operability and confidentiality in data outsourcing.However,most SSE schemes assume that the cloud is honest but curious.This assumption is not always applicable.Because the server may deliberately return the historical version or incomplete query results to the user to save the server itself computation overhead.To address this problem,even though some schemes support validation and checking of data integrity or freshness in a malicious cloud,they have some limitations.But to our best knowledge,existing VSSE schemes exhibit very limited applicability,such as only supporting static database,demanding specific SSE constructions,only working in the single-user model or the verification efficiency is relatively low.To improve the performance and security of SSE,The work of this paper mainly includes the following aspects:(1)To improve the search efficiency of SSE scheme,B+-Tree is used to construct the secure index of document keyword pairs to improve the retrieval efficiency.(2)In order to prevent malicious cloud servers from launching replay attacks and freshness attacks,Counting Bloom Filter(CBF),timestamp mechanism and digital signature are combined to realize efficient and fast query verification.(3)For improving the search efficiency,the Bloon Filter is used to prejudge whether the keyword searched by the user exists,and when the keyword does not exist,the CBF is used to establish a validator to improve the validation efficiency and query efficiency of the user,so as to increase the search experience of the user.(4)the user's access authority to encrypted medical records in the electronic medical system and the statistical analysis of encrypted data effectively,a multi-authority and multi-server-multi-user searchable encryption scheme for encrypted medical data is proposed.Different from other schemes,it is based on differential-privacy(DP),which prevents the patient's Privacy from being inferred by malicious analysts.(5)By deploying an improved Multi-Authority Attribute-Based Encryption(MA-ABE)scheme,all authorizations can assign their search capabilities to customers under different authorizations without additional negotiation.(6)In order to realize statistical query in the encrypted database,this paper uses the Differential Privacy counter based on encryption to complete the statistical query of the analyst.To prevent the cloud server from returning part of the query results to users.The dual servers are used to store the secure index of data and encrypted documents separately.The user determines the integrity of the results by validating the results returned from both servers.Finally,we evaluate our scheme through comprehensive experiments.